Status Tracking Note TRTA08-137A

Debian/Ubuntu OpenSSL Random Number Generator Vulnerability

A vulnerability in the OpenSSL package included with the Debian GNU/Linux operating system and its derivatives may cause weak cryptographic keys to be generated. Any package that uses the affected version of SSL could be vulnerable.

Event Information

Date (UTC)	Description
2008-05-20 17:11	Symantec ThreatCON (2) => (1) No significant attacks are known to be targeting the recently disclosed SSH vulnerability affecting Debian and Ubuntu computers. All activity identified last week on port 22 has also subsided.
2008-05-16 21:56	SANS Internet Storm Center INFOcon back to green The Debian/Ubuntu SSL problem by now has sufficient media attention. Once the big security firms raise their threat level indicators, we at SANS ISC can go back to green :).
2008-05-16 18:17	US-CERT TA08-137A: Microsoft Updates for Multiple Vulnerabilities Via US-CERT Mailing List
2008-05-16 07:02	JPCERT/CC JPCERT-AT-2008-0007: OpenSSL packages contain a predictable random number generator
2008-05-15 23:29	Bugtraq Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby) Debian SSH Key Tester #Cid: debian_openssh_key_tester.rb #Cid: 29179.rb
2008-05-15 21:27	Symantec ThreatCON (2) => (2) Debian, Ubuntu, and variants have an issue in the OpenSSL library that generates weak cryptographic keys. Users are urged to update their software and to regenerate new keys with the corrected OpenSSL library.
2008-05-15 15:30	SANS Internet Storm Center INFOCon yellow: update your Debian generated keys/certs ASAP (Version: 2) As you can see, we raised the INFOCon level to yellow. The main idea behind INFOCon is to protect the Internet infrastructure at large, and the development on automated scripts exploiting key based SSH authentication looks like a real threat to SSH servers around the world (any SSH server using public keys that were generated on a vulnerable Debian machine - meaning - the keys had to be generated on a Debian machine between September 2006 and 13th of May 2008).
2008-05-15 14:35	Bugtraq Remote Host Key Scanner SSH Key Tester This script tests whether a target SSH server is vulnerable to the major weak SSL key bug found in May 2008 #Cid: seb-test-vul-ssh-host-rel1.sh
2008-05-15 12:38	US-CERT Debian and Ubuntu OpenSSL and OpenSSH Vulnerabilities US-CERT Current Activity Debian and Ubuntu have released multiple security advisories to address vulnerabilities in their OpenSSL package and other cryptographic application packages that rely on it. These vulnerabilities are due to weaknesses in the random number generator that is used to create SSL and SSH cryptographic keys.
2008-05-15 12:02	SANS Internet Storm Center Debian and Ubuntu users: fix your keys/certificates NOW (Version: 2) Today Matt wrote in to let us know that H D Moore posted a web page containing all SSH 1024, 2048 and 4096-bit RSA keys he brute forced.
2008-05-14 18:00	Bugtraq Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit Debian SSH Key Tester #Cid: debian_ssh_rsa_2048_x86.tar.bz2
2008-05-14	Debian DSA-1576: openssh -- predictable random number generator The recently announced vulnerability in Debian's openssl package (DSA-1571-1, CVE-2008-0166) indirectly affects OpenSSH.
2008-05-13 21:30	SANS Internet Storm Center OpenSSH: Predictable PRNG in debian and ubuntu Linux (Version: 4) Debian and Ubuntu Linux users should look into their OpenSSH setup. It turns out the PRNG (Pseudo Random Number Generator) as used was predictable.
2008-05-13 13:50	Debian A detector for known weak key material
2008-05-13	Debian DSA-1571: openssl -- predictable random number generator The random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.


Date first published (UTC):	2008-05-19T22:52+00:00
Date last updated (UTC):	2008-05-22T18:57+00:00